Comptroller DiNapoli Releases Audits

New York State Comptroller Thomas P. DiNapoli today announced that the following audits have been issued:

Department of Health Oversight of the Spinal Cord Injury Research Trust Fund (Report 2007-S-32)
The Spinal Cord Injury Research Trust Fund was created to provide grants for use in finding a cure for spinal cord injuries. The trust fund is financed by a surcharge on drivers who receive traffic tickets. Grants are awarded by a special state board within the Department of Health that was created to oversee the trust fund. The audit reviewed grand disbursements and found they were supported by appropriate documentation. However, auditors found that adequate oversight had not been provided to ensure that grant objectives were being attained. For example, the grant recipients had submitted only 44 percent of their progress reports, 60 percent of their final reports, and none of their statistical/qualitative reports or seminar documentation that was required under the grants to demonstrate their performance. The audit identified delays in the grant award process that were attributed, in part, to vacancies on the board and quorum problems from low board member attendance. Further, auditors determined that $13.5 million had been transferred from the trust fund to the state’s general fund because some of the available funding had not been awarded by the board.

Department of Motor Vehicles Revenue Collection and Reporting (Report 2007-S-52)
The Department of Motor Vehicles collects more than 140 different types of fees and fines at more than 150 offices across the state. The revenues are to be distributed to various state funds specified by law. The audit found that the revenue collecting offices established adequate accountability over their collections and accurately reported the collections. However, certain weaknesses in the department’s practices that could lead to delays in the distribution of the revenues were identified. For example, some of the collecting offices were slow to deposit their collections into their bank accounts, further delays could be caused by inefficiencies in processing checks, and complexities could arise from reconciling transactions in five different department revenue reporting systems and more than 170 local bank accounts.

Department of State Vendor Payment Practices (Report 2007-S-124)
The Department of State licenses certain activities, administers building and commercial codes, and provides other regulatory and administrative services. Under the Prompt Payment Law, vendors may receive interest on their payments from New York State when the payments are not timely. The audit examined the untimely vendor payments made by the Department of State over a 19-month period to determine whether the delays were avoidable, and found that they were.

Multi-Agency Emergency Preparedness at Selected State Agencies (2007-S-29)
The State Emergency Management Office (SEMO) is responsible for coordinating emergency management planning efforts in New York State. The audit reviewed the planning efforts at several state agencies and found that the level of emergency management planning varied greatly from agency to agency. Some agencies had dedicated significant resources to their planning efforts and developed comprehensive emergency management plans, whereas, others had dedicated few to no resources, and developed incomplete or no plans at all. Auditors also identified inconsistencies and an overall lack of uniformity among the plans that had been developed.

New York City Department of Consumer Affairs Controls Over Restaurant and Food Vendor Licenses and Permits (Report 2007-N-15)
The New York City Department of Consumer Affairs issues licenses and permits for restaurants and food vendors, and collects the fees for these licenses and permits. The audit reviewed the department’s controls over these activities and identified certain weaknesses. For example, access to blank licenses and permits was not adequately controlled, and an inventory record of the blank licenses and permits was not maintained. As a result, there was a risk that licenses and permits could be created and sold illegally. Also, license and permit fees were not always deposited promptly.

New York City Department of Health and Mental Hygiene Immunization Program for Public School Children (Report 2007-N-6)
The New York City Department of Health and Mental Hygiene is responsible for ensuring that city school children are immunized against certain communicable diseases. Auditors examined a random sample of children in the city’s database of immunization records and found the school health records were accurate. The audit also examined the department’s process for following up at schools where compliance with immunization requirements was below a certain threshold. The process was effective in promoting compliance, but it would be more efficient if certain parts were automated.

New York City Health and Hospitals Corporation Selected General Controls Over Data Center Security (Report 2007-F-50)
The New York City Health and Hospitals Corporation (HHC) operates the hospitals, clinics and other facilities in New York city’s municipal hospital system, and maintains several major data centers to support these operations. The audit examined the effectiveness of certain controls established by HHC over data center security and found that a number of improvements were needed, particularly regarding weak controls to ensure that only authorized individuals had access to the medical information, business continuity and disaster recovery planning. When auditors followed up on these matters with HHC officials, actions were taking place to implement audit recommendations.

New York State Bridge Authority Compliance With Executive Order 134 – Environmental Impact of Cleaning Facilities (Report 2008-S-18)
The New York State Bridge Authority operates and maintains five toll bridges that cross the Hudson River. Executive Order 134 requires state agencies and certain public authorities such as the New York State Bridge Authority to procure and use cleaning products that minimize the potential impacts to human health and the environment. It also requires the agencies to conduct an assessment of their programs to promote environmentally safe cleaning and transition to certain conforming products within specified time periods. Auditors found the authority was not aware of the Order when we initiated our audit and, therefore, was not in compliance. No assessment was conducted and the authority was, generally, not using environmentally preferred products. However, authority officials did take steps to comply with the Order once our audit commenced.

Office of Temporary and Disability Assistance National Directory of New Hires: Data Security (2008-S-49)
The Office of Temporary and Disability Assistance (OTDA) regularly accesses the federally maintained National Directory of New Hires, which provides a national database of employment and unemployment insurance information. To be allowed access to the directory, OTDA had to agree to comply with certain security requirements for the data it extracted from the directory. The audit examined OTDA’s compliance with these requirements and found that certain improvements were needed. For example, only five individuals were authorized by OTDA to have access to the data; however, auditors determined that more than 100 individuals actually had such access

The reports are available by clicking on the report name or by calling (518) 474-4015.